﻿using System.Threading.Tasks;
using IdentityServer4.Validation;
using K9Nano.Authorization;

namespace K9Nano.Admin.Authentication
{
    public class K9TokenValidator : ICustomTokenRequestValidator
    {
        protected readonly IUserBlacklistChecker BlacklistChecker;

        public K9TokenValidator(IUserBlacklistChecker blacklistChecker)
        {
            BlacklistChecker = blacklistChecker;
        }

        public virtual async Task ValidateAsync(CustomTokenRequestValidationContext context)
        {
            if (await BlacklistChecker.IsForbiddenAsync(context.Result.ValidatedRequest.UserName,
                context.Result.ValidatedRequest.ClientId, default))
            {
                context.Result.IsError = true;
                context.Result.Error = "User is on the blacklist";
            }
        }
    }
}